I have a VPS with dedicated IP address in the UK. I use it to host a static website and email, and to fetch RSS feeds. Some of those RSS feeds are getting blocked by cloudflare. Doing the CAPTCHA to get around it would be inconvenient (I guess I’d have to set up Xvnc or a tunnel to use a browser). Server is Debian 9 and is up to date and I have run chkrootkit and lynis.
I already have a monitor set up in ProjectHoneyPot from months back when I had the same problem. That monitor reports the IP as clean, but actually checking the same IP from their front page it comes up with a hit 2 days ago. So that inconsistency is a bit rubbish. As I understand it, a hit on ProjectHoneyPot means that someone somewhere has sent spam with my IP address in it. It doesn’t necessarily mean that my server is compromised, it just means that some idiot out there has my IP address in his spam scripts.
Really CloudFlare has way too much power to just be banning IPs without any transparency about why. The excuse that it is the site owner who enabled the banning doesn’t really cut it. I should be able to request the trail of evidence, so that if there is a problem on my server, I can fix it. ProjectHoneyPot itself seems dubious because it seems like a malicious actor could DoS my IP’s access to cloudflare-hosted sites by just sending out spam mentioning my IP address. I’ve already whitelisted my IP once with ProjectHoneyPot but the option doesn’t seem to be available any more.
If there is an issue with my server I’d like to fix it, but having done various scans and so on I can’t see any problem. So the only option left seems to be to try to get a tunnel or proxy set up to do the CAPTCHAs. But really this is a pretty poor situation. Is there anything else I can do?